Under the program, which was to be formally announced Wednesday, developers that want to obtain certification for their downloads would also have to prove their products can be easily removed from computers once installed"

"TRUSTe, an organization that already certifies and monitors Web site privacy and e-mail practices for businesses, will rely on testing by two outside labs for the vetting."

phexitol

11 November 2005, 10:53 AM

...

"TRUSTe, an organization that already certifies and monitors Web site privacy and e-mail practices for businesses, will rely on testing by two outside labs for the vetting."

Hopefully the two outside labs will help to reconcile TRUSTe's certification problems. Ben Edelman (http://www.benedelman.org/spyware/ns8/), in his rundown of Netscape 8/TRUSTe's certification process in June 2005, had this to say:

"TRUSTe issues certificates merely on the basis (http://www.truste.com/consumers/web_privacy_seal.php) of sites posting a web site privacy policy and agreeing to mediate disputes in a particular way. TRUSTe lacks serious enforcement procedures, and TRUSTe stands willing to certify a web site on the basis of its web site practices, even if the site serves primarily as a conduit for software (perhaps "spyware" or "adware") with practices inconsistent with the web site's privacy policy. So TRUSTe-certified sites may not be as trustworthy as the label suggests."

wuensch

11 November 2005, 11:08 AM

What is a certificate of that kind worth?
Who will be held responsible if the certified software turns evil?

"Easy to remove"-- how many programs you know can be unzipped an started right away?
Everything that uses Microsoft installation process is *NOT* easy to remove.

Reminds me of Microsofts certificate for drivers (whenever you install a new Graphicsdriver, "this driver is not certified" pops up because its --new.Certified drivers are usaually outdated for several months.

And a certificate would only create a dangerous appearance of security that simply is not there with software on the net--- and it would delay the publishing of new software-updates (or --see Microsoft certified drivers).

Olli

Dennik

11 November 2005, 01:50 PM

Yeah, like no one can fake an electronic certificate :rolleyes:

ThomasMahler

11 November 2005, 02:26 PM

Slightly off-topic, but on a side-note:

http://www.identity20.com/media/OSCON2005/

jeremybirn

11 November 2005, 04:11 PM

An optional "Seal of approval" type program won't solve all problems, but it could be a useful step. Especially if, in addition to being displayed for potential users, that list is used to screen who gets paid for running ads for participating companies. It's good for the big advertisiers to have standards, so they would pay legit web developers are legit adware programs for the ads they display, but not the malware developers.

-jeremy

CGTalk Moderation

11 November 2005, 04:11 PM

This thread has been automatically closed as it remained inactive for 12 months. If you wish to continue the discussion, please create a new thread in the appropriate forum.

Follow Us On:

The CGSociety

The CGSociety is the most respected and accessible global organization for creative digital artists. The CGS supports artists at every level by offering a range of services to connect, inform, educate and promote digital artists worldwide. More about us on TheArtSociety.com